The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

This innovative education and training program includes the following key elements:

An introduction to the key components of the NIST Cybersecurity Framework

How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy

An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications

How to use the Framework to protect critical information assets

A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program

A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

The class will help individuals and organizations acquire knowledge, skills, and abilities to:

Develop a strategy to apply the NIST Cybersecurity Framework to their environment

Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework

Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed

Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps

Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps

Identify required workforce skills and develop career pathways for improving skills and experience

About the instructor:

Larry Wilson is the CISO for UMass President’s Office since 2009.

Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.

Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.

Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

Alpine Security CEO, Christian Espinosa, a bronze sponsor of SecureWorld Chicago, hosts SecureWorld Plus training session on Cyber Defense Ineffectiveness and What We Can Do About It. Attendees will be exposed to data gathered from real-world penetration tests, audits, and incident responses, bringing attention to the current state of cyber defense. Attendees will become familiar with the top 5 trending cybersecurity misconceptions and learn actionable solutions and tools to approach cyber defense and to create a more secure world. Upon completion of this 6-hour training session, attendees will be eligible to receive 12 CPE’s.

“Ransomware & cyber extortion are effective because organizations blindly implement controls without a risk-based strategy, have poor cybersecurity awareness, and have difficulty determining the validity of ‘incriminating data’ used for cyber extortion.” -Christian Espinosa

Throughout this training session, Christian Espinosa will candidly discuss the following key elements:

Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it?

Data gathered from real-world penetration tests, audits, and incident responses to focus on the current state of cyber defense.

Motivations, breaches, and primary tactics used by attackers.

Opportunities and solutions to address common issues such as how more organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse.

During this training session, you can expect to participate in group activities and discussions. Be open to new ideas and approaches. We can learn from each other.

Meet the Trainer:Christian Espinosa is Alpine Security’s CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

Security awareness is often viewed as this intangible part of information security that is always “too” something—too costly, too much effort, too difficult to qualify. But word on the street is that a little bit of awareness is worth its weight in salt, so why are there so many varying perspectives on precisely “how” to implement a security awareness program? The answer is simple: If the streets are talking, shouldn’t someone be listening?

Grow your personal influence, your leadership possibilities and move your InfoSec objectives forward (faster) by thinking differently about how you communicate. Whether your audience is the board, your team, or any part of the business, this session will help you and your communication stand out. Lead by a long-time TV reporter turned cybersecurity journalist who shares a framework for powerful communication you can implement immediately.

8:30 am

InfraGard Meeting: Light Breakfast and Guest Presentation - Open to all Attendees

Interested in your local associations? Join InfraGard for a chapter meeting, light breakfast, and guest presentation. This session is open to all attendees.Guest Presentation:
Threat Intelligence Panel

9:30 am

OPENING KEYNOTE — The Nation-State, the Corporation, and You: Cybersecurity in the Cyber Age

Machine Learning, AI, IoT, Block Chain …. The new gold rush for digital transformation is taking everyone by storm. From market analysts, to expert consultants and other technology gurus, organizations are bombarded by articles, reports and predictions that warn them to get onboard the digital bandwagon or die.

In this perfect storm CISOs are often threatened that if they stand in the way of the business gold miners they will be bypassed or worse eliminated.

In this talk, I will explore the pressures and the challenges of the modern CISO, what they can do to survive in this harsh environment and how to enable the business through defense and not just compliance.

11:15 am

The United States Secret Service’s Cyber Threat Answer: The Electronic Crimes Task Force

Learn how the United States Secret Service responds to the emerging cyber threat by partnering with state and local law enforcement, academia, and the private sector through their Electronic Crimes Task Force (ECTF). The ECTF investigates everything from business email compromises, romance schemes, network intrusions, financial fraud, and much more.

This presentation will discuss and present what we have seen in the industry and the changes to the global threat landscape, but will also go over the newest emerging threats and our predictions for the near future.

To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.Panelists
Sean Griesheimer, RSA
Scott Hamann, One Identity
Heeyoung Sim, Darktrace
Justin Sharples,Core First Bank & Trust
Rich Keith, SailPointModerator: John Godfrey, CISO, University of Kansas Medical Center

1:15 pm

Panel: Cloudy with a Chance of Breach

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

Location / Room: Courtyard 3

Everything old is new again. Migrating to the cloud certainly is not a new thing. It is for some smaller companies that are just now able to afford making the move to the cloud. Cloud boasts a secure, disaster proof option for companies to store their data offsite with access to that data from practically anywhere. So, who’s fault is it when the data is compromised? What if your information is stolen from the cloud because another user’s data was at fault? At the end of the day, isn’t the cloud just someone else’s computer? Join this panel discussion as they guide you through the pros and cons in migrating to the cloud.Panelists
Ronald Pipkins, Alert Logic
Brandon Bradshaw, Trend Micro
Ron Shuck, CURO Financial Technologies Corp.
Kevin Augspurger, Unite Private NetworksModerator: Florian Yanez, Helzberg Diamonds

2:15 pm

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

2:15 pm - 3:00 pm

Location / Room: Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

2:30 pm

Dash for Prizes and CyberHunt Winners Announced

Registration Level:

2:30 pm - 2:45 pm

Location / Room: Exhibitor Floor

Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

It is often said that true knowledge must be gained through experience; either through one’s own life or through others. Join this opportunity to hear from women who bring perspectives from diverse industries (retail, financial, healthcare, utilities) as they share their different experiences as women living the information security career journey.

Throughout the world, legislators regularly update privacy and security laws in an (arguably futile) attempt to keep pace with changes in technology. In this presentation, Laura Clark Fey (KU Law School graduate and Privacy Law Specialist (IAPP), CIPP/US, CIPP/E, CIPM, FIP) of Fey LLC, a boutique global data privacy law firm, will discuss significant developments in privacy and security laws in the U.S. and abroad. She will explain the impact of these developments, project future trends, and provide recommendations for complying with challenging and ever-changing privacy and security laws.

Ninety-five percent of all cyber-attacks are human enabled. Organizations continue to fail at addressing human factors in cybersecurity due to a lack of education and appreciation for human factors as a science. With the increasing spending on technology to safeguard organizations’ critical networks, systems, and data, cybercriminals are circumventing defense-in-depth architectures to target humans, the weakest link. An existing fallacy is that technology will prevent data breaches, ransomware attacks, or cyber-attacks. In fact, integrating new technology creates unintended consequences that increase vulnerabilities. These technologically-induced vulnerabilities are human-enabled highlighting a lack of appreciation for human factors in cybersecurity–let’s reduce human-enable errors

Keynote & Speaker Information

SecureWorld Kansas City

May 8, 2019

Exhibitors

Alert Logic

Booth: 210

Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

Alpine Security

Booth: 228

Alpine Security is a Service Disabled Veteran owned Small Business. We have extensive experience with security audits, regulatory compliance audits, vulnerability assessments, penetration testing (network, application, web application, and physical), social engineering, incident response, digital forensics, and user awareness & technical training. Our team members are Industry Certified, bring vast project experience, highly educated, trusted, and experienced. We have been on United States government red teams and have experience with military cyber operations – offensive and defensive. Our team is also well-versed and experienced with commercial security assessments, audits, penetration testing, risk assessments, and incident response. We have performed penetration tests and assessments for numerous industries, including aerospace & defense, education, healthcare, financial, energy, and oil & gas. Our extensive experience in high-risk and complex environments ensures we are prepared to test your environment, regardless of the risk-level or complexity. We’ve been tested under fire.

In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

Darktrace

Booth: 500

Darktrace is the world’s leading AI company for cyber defense. With over 7,000 deployments worldwide, the Enterprise Immune System is relied on to detect and fight back against cyber-attacks in real time. The self-learning AI takes one hour to install, works across the cloud, SaaS, corporate networks, IoT and industrial systems, and protects against the full range of cyber-threats and vulnerabilities, from insider threats and ransomware, to stealthy and silent attackers. Darktrace has 800 employees and 40 offices worldwide, with headquarters in San Francisco, and Cambridge, UK.

EC-Council

Booth: TBD

International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

Erkios Systems

Booth: Start Up

Erkios has developed an enterprise cyber security product called FortiFi™ that enables organizations to safeguard their technology infrastructure from insider threats. We were founded with the intention of bringing innovation to the information security world so your internal data can be protected.

Gemalto

Booth: 120

Today’s enterprises depend on the cloud, data and software to make decisive decisions. That’s why the most respected brands and largest organizations in the world rely on Thales to help them protect their most sensitive information and software wherever it is created, accessed or stored – from the cloud and data centers to devices and across networks. As the global leader in cloud and data protection, our solutions enable organizations to move to the cloud securely, achieve compliance with confidence, and create more value from their software in the devices and services used by millions of consumers every day.

Global Cyber Alliance

Booth: TBD

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

GuidePoint Security LLC

Booth: 120

GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.

The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.

ISACA Kansas City

Booth: TBD

Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.

(ISC)2 Kansas City Chapter

Booth: TBD

The mission of (ISC)² Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.

“We” began as a few security-minded friends that worked together. We decided to quit talking about launching a local (ISC)² chapter in Kansas City or worse yet, wait around for someone else to do it for us. We stepped up and took the initiative. We have been growing as others hear about our group and join with us.

ISSA Central Plains Chapter

Booth: TBD

The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.MEETINGS
General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

Ixia, a Keysight Business

Booth: 103

We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

Kansas City ECTF

Booth: TBD

The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.

In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.

The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.

The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.

KU – Edwards Campus

Booth: TBD

The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.

Mimecast

Booth: 113

Mimecast Is Making Email Safer For Business.

Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

NetSkope

Booth: 120

Netskope offers the industry’s only all-mode architecture that supports any use case. This starts with the option of being deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. When it comes to traffic steering, Netskope supports every possible out-of-band and inline mode, including forward and reverse proxy, secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

One Identity

Booth: 119

Turn security from the practice of denial and restriction to the utopia of enablement and transformation with the One Identity family of IAM solutions for access management, identity governance, and privileged account management on prem and in the cloud.

SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

SecKC

Booth: TBD

For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.

SOFTwarfare

Booth: 211

Organizations today must account for, secure, and evaluate their protections for system-to-system communications often crossing the different boundaries they establish for their technical infrastructure. SOFTwarfare is a comprehensive product platform partner who solves the integration headaches that most Our customers face, one integration at a time. The KillerAppz™ Platform delivers to customers one common methodology for architecture-driven, cloud hybrid-integrated environments and will help the broader cybersecurity industry to make changes to the way they integrate cyber systems.

Symantec

Booth: 120

Symantec is the world’s leading cyber security company. Organizations worldwide look to Symantec for strategic, integrated solutions to defend against sophisticated attacks, and more than 50 million people rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home. For more information, please visit www.symantec.com.

TechTarget

Booth: TBD

TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

Tenable

Booth: 120

Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

Trend Micro

Booth: 208

Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

Women in Security – Kansas City

Booth: TBD

Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.

Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

Christian Espinosa is Alpine Security's CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

Dominick Frazier is a security professional with over 13 years of security experience with his current role being in Information Technology/Cyber-Security. In his current role he serves as the Security Awareness & Communication Manager responsible for the conversation around security between technical and non-technical teams, which extends to both employees and clients. Given his tenure in security, he has robust knowledge of the information technology and physical security sector including applicable regulations and frameworks.

Bruce Sussman is a life-long storyteller who spent 20 years on TV screens in Portland, Oregon, as a journalist and meteorologist, winning two regional Emmy awards for “Best Weather Anchor.” He still pops up on KATU News occasionally, but he’s more likely to be spotted now on a security podcast, moderating a panel discussion at a SecureWorld InfoSec conference, or leading a session on more powerful communication in a corporate environment. After a brief stint at Gartner working with CISOs, Sussman now leads cybersecurity writing and content for SecureWorld’s media division.

Jeff is the Director of Solutions Engineering at @RISK Technologies as a Technical Director sitting at the nexus of Sales, Deployment, Operations, and Product Development. Interacting directly with customer C-Suite and Technical Staff to drive sales, customer satisfaction, and innovation back into the platform. Jeff provides operational and cybersecurity analytical guidance, both externally and internally. He is a national security leadership professional and data scientist with hands-on leadership, technical and systems engineering background in Security Operations Center (SOC) design and management, big data architectures, large scale multi-million dollar project management, big data analysis, cyber analysis, network architecture, network security, wireless technologies, telecom and software development.

As a Vice President he organized and led a global deployment organization in the Telco industry. Jeff has provided strategic planning and execution in a number of his leadership roles. He also has extensive and recent hands-on experience in IBM platforms (QRadar, Netezza, Connections, IBM Content Analytics, Cognos) and holds a number of certifications in Big Data.

Jeff was recently Director of Cyber Operations worldwide for Qualitest, managing and building cybersecurity services to support QualiTest's Application and Cyber testing. He drove global development supporting onsite, near shore, and offshore testing in the U.S., Europe, Asia, and the Middle East. In that role he was on contract acting as the Sr. Security Strategist at the world’s largest beverage company’s Next Generation SOC in Bangalore, India. He was in charge of technical and operational leadership, recruitment and hiring of key personnel, as well as guiding the automation and threat analytics team. Recently, he provided both architectural and operational consulting to multiple large health care organizations in both the advancement of the SOC through data analytics and optimization of SIEM platforms, as well as the development of threat intelligence cells to provide proactive (Shift Left) response to pending threats.

Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

Yaron Levi is the CISO for Blue Cross and Blue Shield of Kansas City (Blue KC), Prior to joining Blue KC, Yaron was a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies and is the co-founder of the Kansas City CISO forum. In 2018, Yaron graduated from the FBI CISO academy and is currently serves on the board of InfraGard KC

Andrew Matushek is a Senior Special Agent (SSA) with the United States Secret Service. He is also the Assistant Director of the Kansas City Electronic Crimes Task Force (ECTF) and has over 19 years of experience. He has previously served in Arizona, California, and Washington, DC, prior to landing in Kansas City. SSA Matushek is current active in the United States Secret Service Electronic Crimes Special Agent Program (ECSAP) and Critical Systems Protection (CSP) Program

Brandon has been with Trend Micro for three plus years, and has been in the IT Industry since the late 1990s. As a Sales Engineer, it's his passion to be the technical bridge between sales and customers.

Rebecca is CEO of The Privacy Professor® consultancy and President of SIMBUS, LLC, an infosec, privacy, technology, and compliance management cloud service. Rebecca has over 25 years of experience, has authored 19 books and hundreds of book chapters and published articles, and serves as an expert witness for information security, privacy, and compliance issues. Rebecca appears regularly on the KCWI23 morning television show and is based in Des Moines, Iowa.

Beth Strobel began her career at a global aerospace and defense company, maintaining responsibility for the ethics and legal compliance training and awareness programs. She's since worked in both technical and sales roles at technology companies providing solutions for cybersecurity and governance, risk and compliance. Beth currently serves as treasurer for Women In Security - Kansas City (WIS-KC).

Cindi Carter

Vice President, Chief Security Officer, MedeAnalytics

As Vice President, Chief Security Officer (CSO) at MedeAnalytics, Cindi oversees global enterprise security. Her mission encompasses creating a culture that places high value on securing and protecting MedeAnalytics and the clients’ information entrusted to them. Cindi has built and matured both cyber and physical security practices at The University of Michigan Health System and Cerner Corporation. More recently, Cindi served as the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City. Cindi is the founding President of Women in Security-Kansas City, a non-profit organization with the mission to support women at all career levels in Information Security, and serves as an Advisory Board member within the security industry.

Britney began the first decade of her security career in the US Army where she managed over 90 teams and traveled internationally to assess the security of international government partners. She now oversees the Information Security Department for AMC Theatres. She is responsible for the development and implementation of the global strategy, oversees all security personnel, and ensures executive-level concerns are addressed. Britney is a certified CISSP, CISM, PMP, and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics, and an MS in Cybersecurity. She was also named an IT Security Power Player by SC Magazine.

Kristen Ellis is the Security Officer for Clinical Reference Laboratory, Inc. in Lenexa, KS. She obtained her Certified Information Systems Security Professional (CISSP) designation in 2012 and has over 23 years of Information Technology experience, twelve years focused in security. Mrs. Ellis has been instrumental in the development of the security program for 3 companies in the finance and medical industries, with focus on the NIST Cybersecurity Framework and 800-53 Security and Privacy Controls.
Mrs. Ellis maintains memberships with InfraGard, ISC2, ISSA, ISACA and PMI; additionally she holds a top-secret security clearance. Prior to joining Clinical Reference Laboratory, Inc., Mrs. Ellis achieved multiple Department of Defense DIACAP Authorizations to Operate (ATO) for TMA, MHS/JTF, Air Force, Army, and Navy for a pharmaceutical automation company. She’s managed projects worth $90,000,000 in revenue retention and $6,800,000 in new revenue and consulted on many distressed projects to guide them toward successful completion.

Laura Clark Fey, one of the first 27 U.S. attorneys recognized as Privacy Law Specialists (IAPP), leads Fey LLC, a global data privacy and information governance law firm. She and her team help organizations develop and implement practical solutions to their unique data privacy and information governance challenges. Laura is a member of the inaugural class of IAPP Fellows of Information Privacy (FIP), a Certified U.S. and European Information Privacy Professional (CIPP/US/E), and a Certified Information Privacy Manager (CIPM). The U.S. Department of Commerce and the European Commission have selected Laura as a Privacy Shield arbitrator.

Dr. Nobles is a Cybersecurity Scientist and practitioner with more than 25 years of experience. He teaches cybersecurity at several universities. He recently retired from the Navy and is currently employed in the Financial and Services Industry. Dr. Nobles is a Cybersecurity Policy Fellow with the New America Think Tank. He authored a book on the integration of technologically advanced aircraft in general aviation. His personal story is featured in the book, Black Men Changing the Narrative Through Education. Dr. Nobles serves as Chairman, of a Cybersecurity Technology Advisory Board and on the Intelligence and National Security Alliance Cyber Council. He has fulfilled various executive-level positions as a cybersecurity professional.

Conference App and Microsite!

Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes